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DETAILED ACTION 

Continued Examination Under 37 CFR 1.114 

1 . A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1.17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1 .1 14, and the fee set 
forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on August 
22, 2005 has been entered. 

2. Claims 1-14 are pending in the application. Claims 1 and 8 are currently 
amended. 

Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

3. Claims 1 -6 and 8-1 3 are rejected under 35 U.S.C. 1 03(a) as being unpatentable 
over Thuraisngham et al. (U.S. Patent 5,355,474) in view of Hall et al. (U.S. Patent 
5,675,785). 



Application/Control Number: 09/844,717 
Art Unit: 2131 



Page 3 



Regarding claim 1 , Thuraisngham discloses: 

A method for restricting access to information in a dimensional database, said 
method comprising: 

receiving a request from a requester, said request associated with a plurality of 
request levels of a corresponding plurality of dimensions, the request levels being levels 
of dimensional hierarchies (column 4 lines 29 - 52); and 

comparing each of the plurality of request levels with each of a corresponding set 
of security levels, the security levels restricting the levels of each dimensional hierarchy 
to which the requester is permitted access (column 4 lines 29 - 52). 

Thuraisngham does not explicitly disclose that security is provided at fact and 
dimensional levels by defining different security levels for different facts. Hall discloses 
providing different security levels for different summary and fact tables, and also 
provides separate security levels for each summary level, providing dimensional 
security (column 8 lines 10-29). Hall and Thuraisngham are analogous arts because 
both provide for database security measures. Thuraisngham can use the fact level 
security of Hall as Thuraisngham already uses "content-dependent security constraints" 
(column 4 lines 30-32). These security constraints can be altered for different fact levels 
as disclosed by Hall to provide separate security for each level providing for 
"dimensional security" (column 8 lines 21-24). Furthermore, as stated in Hall, "this 
allows users request to see data summarized at some levels, but not others" (column 8 
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lines 21-27). Therefore, it would have been obvious to one of ordinary skill in the art at 
the time of invention, to use the fact level security of Hall in conjunction with the multi- 
level database security of Thuraisngham to provide for dimensional security and to 
allow users to view only information at authorized levels providing for more secure 
database management. 

Regarding claim 8, Thuraisngham discloses: 

A computer readable medium for storing a plurality of instructions for restricting 
access to information in a dimensional database, said plurality of instructions 
comprising: 

receiving a request from a requester, said request associated with a plurality of 
request levels of a corresponding plurality of dimensions, the request levels being levels 
of dimensional hierarchies (column 4 lines 29 - 52); and 

comparing each of the plurality of request levels with each of a corresponding set 
of security levels, the security levels restricting the levels of each dimensional hierarchy 
to which the requester is permitted access (column 4 lines 29 - 52). 

Thuraisngham does not explicitly disclose that security is provided at fact and 
dimensional levels by defining different security levels for different facts. Hall discloses 
providing different security levels for different summary and fact tables, and also 
provides separate security levels for each summary level, providing dimensional 
security (column 8 lines 10-29). Hall and Thuraisngham are analogous arts because 
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both provide for database security measures. Thuraisngham can use the fact level 
security of Hall as Thuraisngham already uses "content-dependent security constraints" 
(column 4 lines 30-32). These security constraints can be altered for different fact levels 
as disclosed by Hall to provide separate security for each level providing for 
"dimensional security" (column 8 lines 21-24). Furthermore, as stated in Hall, "this 
allows users request to see data summarized at some levels, but not others" (column 8 
lines 21-27). Therefore, it would have been obvious to one of ordinary skill in the art at 
the time of invention, to use the fact level security of Hall in conjunction with the multi- 
level database security of Thuraisngham to provide for dimensional security and to 
allow users to view only information at authorized levels providing for more secure 
database management. 



Claim 2 is rejected as applied above in rejecting claim 1 . Furthermore, Thuraisngham 
discloses: 

The method of claim 1 , further comprising: 

retrieving the set of security levels from a plurality of sets of security levels, 
wherein each of the plurality of sets of security levels are associated with at least one 
requestor (column 3 lines 59 - 63). 

Claim 3 is rejected as applied above in rejecting claim 1. Furthermore, Thuraisngham 
discloses: 

The method of claim 1 , further comprising: 
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generating a query for the request with the request levels, wherein each of the 
plurality of request levels are equal or exceed each of the corresponding set of security 
levels (column 9 line 50 - column 10 line 13); and 

generating a query with at least one of the security levels, wherein at least one of 
the security levels exceeds a corresponding one of the request levels (column 9 line 50 
-column 10 line 13). 



Claim 4 is rejected as applied above in rejecting claim 1. Furthermore, Thuraisngham 
discloses: 

The method of claim 1 , wherein the request is associated with one or more 

request constraints, and further comprising: 

retrieving one or more security constraints (column 8 lines 30 - 59); and 
comparing each of the request constraints to a corresponding one of the security 

constraints (column 25 line 55 - column 26 line 20). 

Claim 6 is rejected as applied above in rejecting claim 1. Furthermore, Thuraisngham 
discloses: 

The method of claim 1 , further comprising: 

determining whether the requester is in a restricted group (column 10 line 53 - 
column 1 1 line 65); 

wherein the requester is in a restricted group, adding a request level to the 
request, wherein the added request level indicates that the requester is in the 
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restricted group (column 10 line 53 - column 1 1 line 65); and 

wherein the requester is in an unrestricted group, adding request levels to the 
request, wherein the added request level indicates that the requester is in the 
unrestricted group (column 1 0 line 53 - column 1 1 line 65). 

Claim 9 is rejected as applied above in rejecting claim 8. Furthermore, Thuraisngham 
discloses: 

The computer readable medium of claim 8, wherein the plurality of instructions 
further comprising: 

retrieving the set of security levels from a plurality of sets of security levels, 
wherein each of the plurality of sets of security levels are associated with at 
least one requester (column 3 line 59 - 63). 

Claim 10 is rejected as applied above in rejecting claim 8. Furthermore, Thuraisngham 
discloses: 

The computer readable medium of claim 8, wherein the plurality of instructions 
further comprising: 

generating a query for the request, wherein each of the plurality of request levels 
are equal or exceed each of the corresponding set of security levels (column 9 line 50 - 
column 10 line 13); and 
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generating a query with at least one of the security levels, wherein at least one of 
the security levels exceeds a corresponding one of the request levels (column 9 line 50 
-column 10 line 13). 

Claim 1 1 is rejected as applied above in rejecting claim 8. Furthermore, Thuraisngham 
discloses: 

The computer readable medium of claim 8, wherein the request is associated 
with one or more request constraints, and the plurality of instructions further comprising: 
retrieving one or more security constraints (column 8 lines 30 - 59); and 
comparing each of the request constraints to a corresponding one of the security 
constraints (column 25 line 55 - column 26 line 20). 

Claim 13 is rejected as applied above in rejecting claim 8. Furthermore, Thuraisngham 
discloses: 

The computer readable medium of claim 8, wherein the plurality of instructions 
further comprising: 

determining whether the requestor is in a restricted group (column 10 line 53 - 
column 11 line 65); 

wherein the requester is in a restricted group, adding a request level to the 
request, wherein the added request level indicates that the requester is in the restricted 
group (column 10 line 53 - column 1 1 line 65); and 
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wherein the requester is in an unrestricted group, adding request levels to the 
request, wherein the added request level indicates that the requestor is in the 
unrestricted group (column 10 line 53 - column 1 1 line 65). 

Claim 5 is rejected as applied above in rejecting claim 4. Furthermore, Thuraisngham 
discloses: 

The method of claim 4, further comprising: 

generating the query wherein each of the request constraints is equivalent to the 
corresponding one of the security constraints (column 10 lines 35 - 52); and 

denying the request, wherein one of the request constraints is different from the 
corresponding one of the security constraints (column 10 lines 35 - 52). 

Claim 12 is rejected as applied above in rejecting claim 11. Furthermore, 
Thuraisngham discloses: 

The computer readable medium of claim 1 1 , wherein the plurality of instructions 
further comprising: 

generating the query wherein each of the request constraints is equivalent to the 
corresponding one of the security constraints (column 10 lines 35 - 52); and 

denying the request, wherein one of the request constraints is different from the 
corresponding one of the security constraints (column 10 lines 35 - 52). 
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4. Claims 7 and 1 4 are rejected under 35 U.S.C. 1 03(a) as being unpatentable over 
Thuraisngham et al. (U.S. Patent 5,355,474) in view of Hall et al. (U.S. Patent 
5,675,785) further in view of Weissman et al. (U.S. Patent 6,212,524). 

Claim 7 is rejected as applied above in rejecting claim 6. Furthermore, Thuraisngham 
discloses: 

The method of claim 6, further comprising: 

determining one or more measures associated with the request (column 4 lines 
29 - 52); and 

comparing each of the requested levels and the added levels to a corresponding 
plurality of aggregate levels (column 2 lines 55 - column 3 line 7, column 4 lines 29 - 
52). 

Thuraisngham-Hall does not explicitly disclose selecting a stargroup associated with the 
one or more measures associated with the request, wherein the stargroup further 
comprises one or more stars. Weissman discloses the use of multiple stargroups in a 
stargroup schema as a way to organize data (column 12 lines 24 - 48). Thuraisngham- 
Hall discusses a dimensional database, but does explicitly state that it must be in a star 
scheme. Weissman states, "in a dimensional datamart, the data is typically organized 
as a star schema" (column 2 lines 26 - 33). Weissman further states, "the advantage of 
such a scheme is that it supports a top down business approach to the definition of the 
schema" (column 2 lines 35 - 40) and also "consistent and flexible" (column 2 lines 42 - 
44). It can be seen that the security method disclosed by Thuraisngham-Hall can be 
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used in conjunction with the star schema disclosed by Weissman, by the disclosure by 
Weissman that "in some embodiments of the invention, the metadata also includes 
security information" (column 8 lines 21 - 25). Weissman further states "the security 
information defines the level of access for various users to the various tables and fields 
in the datamart" (column 8 lines 21 - 25). This provides a top level view of the invention 
of Thuraisngham-Hall, which uses security information which automatically restricts 
access to the data. Therefore, it would have been obvious to one of ordinary skill in the 
art at the time the applicant's invention was made to combine the security method 
disclosed by Thuraisngham-Hall with the star schema used by Weissman to provide a 
top down approach to the definition of schema, and to use a scheme that is both 
consistent and flexible. 

Claim 14 is rejected as applied above in rejecting claim 13. Furthermore, 
Thuraisngham discloses: 

The computer readable medium of claim 13, wherein the plurality of instructions 
further comprising: 

determining one or more measures associated with the request (column 4 lines 
29 - 52); 

comparing each of the requested levels and the added levels to a corresponding 
plurality of aggregate levels (column 2 lines 55 - column 3 line 7, column 4 lines 29 - 
52). 
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Thuraisngham-Hall does not explicitly disclose selecting a stargroup associated with the 
one or more measures associated with the request, wherein the stargroup further 
comprises one or more stars. Weissman discloses the use of multiple stargroups in a 
stargroup schema as a way to organize data (column 12 lines 24 - 48). Thuraisngham- 
Hall discusses a dimensional database, but does explicitly state that it must be in a star 
scheme. Weissman states, "in a dimensional datamart, the data is typically organized 
as a star schema" (column 2 lines 26 - 33). Weissman further states, "the advantage of 
such a scheme is that it supports a top down business approach to the definition of the 
schema" (column 2 lines 35 - 40) and also "consistent and flexible" (column 2 lines 42 - 
44). It can be seen that the security method disclosed by Thuraisngham-Hall can be 
used in conjunction with the star schema disclosed by Weissman, by the disclosure by 
Weissman that "in some embodiments of the invention, the metadata also includes 
security information" (column 8 lines 21 - 25). Weissman further states "the security 
information defines the level of access for various users to the various tables and fields 
in the datamart" (column 8 lines 21 - 25). This provides a top level view of the invention 
of Thuraisngham-Hall, which uses security information which automatically restricts 
access to the data. Therefore, it would have been obvious to one of ordinary skill in the 
art at the time the applicant's invention was made to combine the security method 
disclosed by Thuraisngham-Hall with the star schema used by Weissman to provide a 
top down approach to the definition of schema, and to use a scheme that is both 
consistent and flexible. 
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Conclusion 



Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Kaveh Abrishamkar whose telephone number is 571- 
272-3786. The examiner can normally be reached on Monday thru Friday 8-5. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh can be reached on 571-272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 
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